Penetration Testing mailing list archives

Re: nessus exceptions
From: FocusHacks <focushacks () gmail com>
Date: Wed, 4 Aug 2004 09:54:55 -0500

Indeed, most pen-testers will disclose what tools they use and the raw
output of these tools if you ask.  Especially if you let them know
before the testing starts, that you'll want this information.

It would be sad if your assessment team is doing little more than
cleaning up and adding documentation to a nessus scan report.  :(

There are several applications out that can try to determine what kind
of server is running on a port.  I like to do weird things like leave
dummy MySQL servers running on port 80 and see if the assessment team
calls it a WWW server.  However, most people here are correct that
there won't be a good way to tell on your end if it's an actual
nessus scan.  Aside from just asking them what tools they use, the IDS
log fingerprinting seems like the most efficient solution, albeit
maybe a tedious one.
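
The MySQL-on-port-80 check mentioned in this message, as an added example that is not part of the original post: it labels a service from the first bytes it sends rather than from its port number, and flags a disagreement between the two. The port table, function names and sample bytes are constructed for illustration.

```python
# Added illustration: identify a service by content, not by port number.
PORT_GUESS = {80: "http", 3306: "mysql"}  # assumed port-to-service table

def parse_mysql_handshake(data: bytes):
    """Return the server version if data begins with a MySQL protocol-10
    handshake packet, else None."""
    if len(data) < 6:
        return None
    # Packet header: 3-byte little-endian payload length, 1-byte sequence id.
    length = int.from_bytes(data[0:3], "little")
    payload = data[4:4 + length]
    # The greeting is sequence 0 and its payload starts with protocol version 10.
    if data[3] != 0 or len(payload) < 2 or payload[0] != 0x0A:
        return None
    end = payload.find(b"\x00", 1)  # version string is NUL-terminated
    version = payload[1:end] if end != -1 else b""
    if not version or not all(0x20 <= b < 0x7F for b in version):
        return None
    return version.decode("ascii")

def identify_service(port: int, first_bytes: bytes) -> dict:
    """Compare what the port number suggests with what the bytes show."""
    guess = PORT_GUESS.get(port, "unknown")
    observed, detail = "unknown", ""
    version = parse_mysql_handshake(first_bytes)
    if version is not None:
        observed, detail = "mysql", version
    elif first_bytes.startswith(b"HTTP/"):
        observed = "http"
        detail = first_bytes.split(b"\r\n", 1)[0].decode("ascii", "replace")
    mismatch = "unknown" not in (guess, observed) and guess != observed
    return {"port_guess": guess, "observed": observed,
            "detail": detail, "mismatch": mismatch}

# Constructed sample inputs (not captured from any real host).
_payload = b"\x0a" + b"5.0.0-constructed\x00" + b"\x01\x00\x00\x00"
MYSQL_GREETING = len(_payload).to_bytes(3, "little") + b"\x00" + _payload
HTTP_RESPONSE = b"HTTP/1.1 200 OK\r\nServer: constructed\r\n\r\n"

if __name__ == "__main__":
    for port, data in [(80, MYSQL_GREETING), (80, HTTP_RESPONSE)]:
        print(port, identify_service(port, data))
```

A report that lists the first case as a web server was built from the port number alone.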

